← 返回 Skills 市场
msoica

Praesidia

作者 msoica · GitHub ↗ · v0.1.0
cross-platform ⚠ suspicious
1383
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install praesidia-ai-a2a
功能描述
Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent".
使用说明 (SKILL.md)

Praesidia Agent Identity, Verification & Guardrails

Verify AI agents, check trust scores (0-100), discover marketplace agents, and apply guardrails for security and compliance.

Core Capabilities

  • Verify agents - Check if an agent is registered, verified, and trustworthy
  • Trust scores - View 0-100 trust ratings and verification status
  • Agent discovery - Search marketplace for public agents by capability
  • Guardrails - Apply security policies and content moderation to agents
  • A2A protocol - Fetch standard Agent-to-Agent protocol cards

Prerequisites

  1. Praesidia account: https://praesidia.ai
  2. API key from Settings → API Keys
  3. Configure in ~/.openclaw/openclaw.json:
{
  "skills": {
    "entries": {
      "praesidia": {
        "apiKey": "pk_live_your_key_here",
        "env": {
          "PRAESIDIA_API_URL": "https://api.praesidia.ai"
        }
      }
    }
  }
}

For local development, use http://localhost:3000 as the URL.

Quick Reference

1. Verify an Agent

User says: "Is agent chatbot-v2 safe?" / "Verify agent chatbot-v2"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/agents/chatbot-v2/agent-card",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

Present to user:

  • ✅ Agent name & description
  • 🛡️ Trust score (0-100) and trust level
  • ✓ Verification status (verified date)
  • 🔧 Capabilities (what the agent can do)
  • 📜 Compliance (SOC2, GDPR, etc.)
  • 🔗 Agent card URL

Example output:

✅ ChatBot V2 is verified and safe to use!

Trust Score: 92.5/100 (VERIFIED)
Status: ACTIVE
Capabilities: message:send, task:create, data:analyze
Compliance: SOC2, GDPR
Last verified: 2 days ago

Agent card: https://api.praesidia.ai/agents/chatbot-v2/agent-card

2. List Guardrails for an Agent

User says: "What guardrails are configured for my agent?" / "Show me security policies for chatbot-v2"

Your action:

// First, get the user's organization ID from their profile or context
// Then fetch guardrails
web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails?agentId=${agentId}",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

Present to user:

  • List of guardrails with:
    • Name and description
    • Type (RULE, ML, LLM)
    • Category (CONTENT, SECURITY, COMPLIANCE, etc.)
    • Action (BLOCK, WARN, REDACT, REPLACE)
    • Scope (INPUT, OUTPUT, BOTH)
    • Enabled status
    • Trigger count

Example output:

Found 3 guardrails for ChatBot V2:

1. PII Detection (ENABLED)
   - Type: ML | Category: SECURITY
   - Scope: BOTH (input & output)
   - Action: REDACT sensitive data
   - Triggered: 45 times

2. Toxic Language Filter (ENABLED)
   - Type: RULE | Category: CONTENT
   - Scope: BOTH
   - Action: BLOCK toxic content
   - Triggered: 12 times

3. Financial Advice Warning (ENABLED)
   - Type: LLM | Category: COMPLIANCE
   - Scope: OUTPUT only
   - Action: WARN if detected
   - Triggered: 3 times

3. Get Available Guardrail Templates

User says: "What guardrail templates are available?" / "Show me security templates"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails/templates",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

Available Templates:

Content Moderation:

  • TOXIC_LANGUAGE - Detect toxic/harmful language
  • PROFANITY_FILTER - Filter profanity
  • HATE_SPEECH - Detect hate speech
  • VIOLENCE_DETECTION - Detect violent content
  • ADULT_CONTENT - Filter adult content

Security:

  • PII_DETECTION - Detect personally identifiable information
  • CREDIT_CARD_DETECTION - Detect credit card numbers
  • SSN_DETECTION - Detect social security numbers
  • API_KEY_DETECTION - Detect leaked API keys
  • PROMPT_INJECTION - Detect prompt injection attacks
  • JAILBREAK_DETECTION - Detect jailbreak attempts

Compliance:

  • FINANCIAL_ADVICE - Flag financial advice
  • MEDICAL_ADVICE - Flag medical advice
  • LEGAL_ADVICE - Flag legal advice
  • GDPR_COMPLIANCE - Enforce GDPR rules
  • HIPAA_COMPLIANCE - Enforce HIPAA rules

Brand Safety:

  • COMPETITOR_MENTIONS - Detect competitor mentions
  • POSITIVE_TONE - Ensure positive tone
  • BRAND_VOICE - Maintain brand voice
  • OFF_TOPIC_DETECTION - Detect off-topic responses

Accuracy:

  • HALLUCINATION_DETECTION - Detect hallucinations
  • FACT_CHECKING - Verify facts
  • SOURCE_VALIDATION - Validate sources
  • CONSISTENCY_CHECK - Check consistency

4. Apply a Guardrail to an Agent

User says: "Add PII detection to my chatbot" / "Apply toxic language filter to agent xyz"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails",
  method: "POST",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    name: "PII Detection",
    description: "Automatically detect and redact PII",
    agentId: "${agentId}",
    template: "PII_DETECTION",
    type: "ML",
    category: "SECURITY",
    scope: "BOTH",
    action: "REDACT",
    severity: "HIGH",
    isEnabled: true,
    priority: 0
  })
})

Guardrail Options:

Type:

  • RULE - Simple regex/keyword matching (fast)
  • ML - Machine learning model (balanced)
  • LLM - LLM-powered validation (most accurate)

Category:

  • CONTENT - Content moderation
  • SECURITY - Security checks
  • COMPLIANCE - Regulatory compliance
  • BRAND - Brand safety
  • ACCURACY - Accuracy checks
  • CUSTOM - Custom rules

Scope:

  • INPUT - Validate user input only
  • OUTPUT - Validate agent output only
  • BOTH - Validate both directions

Action:

  • BLOCK - Block the request/response entirely
  • WARN - Log warning but allow through
  • REDACT - Mask the offending content
  • REPLACE - Replace with alternative content
  • RETRY - Retry with modified prompt
  • ESCALATE - Escalate to human review

Severity:

  • LOW, MEDIUM, HIGH, CRITICAL

5. Validate Content Against Guardrails

User says: "Check if this message passes guardrails: [content]"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/organizations/${orgId}/guardrails/validate",
  method: "POST",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    content: "User's message here",
    agentId: "${agentId}",
    scope: "INPUT"
  })
})

Response shows:

  • Whether content passed or failed
  • Which guardrails were triggered
  • Suggested actions (block, redact, warn)
  • Modified content (if redaction applied)

6. Discover Public Agents

User says: "Find public data analysis agents" / "Show me chatbot agents"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/agents/discovery?visibility=PUBLIC&search=data",
  headers: { "Accept": "application/json" }
  // Authorization optional for public agents (includes it for more results)
})

Filters available:

  • ?visibility=PUBLIC - public marketplace agents
  • ?role=SERVER - agents that provide services
  • ?role=CLIENT - agents that consume services
  • ?status=ACTIVE - only active agents
  • ?search=keyword - search by name/description

Present to user:

  • List of matching agents with:
    • Name, description, agent ID
    • Trust score and level
    • Role (SERVER/CLIENT)
    • Key capabilities
    • Link to full card

Example output:

Found 2 public data analysis agents:

1. OpenData Analyzer (VERIFIED - 88.0/100)
   - Capabilities: data:analyze, chart:generate, report:create
   - Role: SERVER | Status: ACTIVE
   - Card: https://api.praesidia.ai/agents/opendata-1/agent-card

2. CSV Processor (STANDARD - 70.0/100)
   - Capabilities: file:parse, data:transform, export:json
   - Role: SERVER | Status: ACTIVE
   - Card: https://api.praesidia.ai/agents/csv-proc/agent-card

7. List User's Agents

User says: "Show my agents" / "List all my server agents"

Your action:

web_fetch({
  url: "${PRAESIDIA_API_URL}/agents/discovery?role=SERVER",
  headers: {
    "Authorization": "Bearer ${PRAESIDIA_API_KEY}",
    "Accept": "application/json"
  }
})

This returns all agents the user has access to (their own + team/org agents).

Trust Levels Guide

Present trust information clearly to help users make decisions:

Trust Score Level Meaning Recommendation
90-100 VERIFIED Fully vetted, compliant, verified identity ✅ Safe to use
70-89 STANDARD Good reputation, basic verification ✅ Generally safe
50-69 LIMITED Minimal verification ⚠️ Use with caution
0-49 UNTRUSTED Not verified or poor reputation ❌ Not recommended

Always show the trust score numerically (e.g., 92.5/100) and the level (e.g., VERIFIED).

Error Handling

Error Meaning What to tell user
401 Unauthorized API key missing/invalid "Check PRAESIDIA_API_KEY in ~/.openclaw/openclaw.json"
403 Forbidden No permission "You don't have access to this agent"
404 Not Found Agent doesn't exist "Agent not found. Check the agent ID"
500 Server Error Praesidia API issue "Praesidia API temporarily unavailable. Try again"

API Endpoints

GET /agents/:id/agent-card

Fetch detailed agent card with trust data.

Auth: Required for private/team/org agents, optional for public Returns: A2A agent card + Praesidia extensions (trust, compliance)

GET /agents/discovery

List/search agents with filters.

Auth: Optional (more results with auth) Query params: role, status, visibility, search Returns: Array of agent summaries with card URLs

Guardrails Best Practices

When helping users with guardrails:

  1. Start with templates - Use predefined templates before custom rules
  2. Layer security - Combine multiple guardrails (PII + Toxic + Compliance)
  3. Test before enabling - Use validate endpoint to test content first
  4. Monitor triggers - Check stats regularly to tune thresholds
  5. Scope appropriately - Use INPUT for user content, OUTPUT for agent responses
  6. Choose right action:
    • BLOCK for critical security issues (PII, prompt injection)
    • REDACT for sensitive data that can be masked
    • WARN for compliance/brand issues that need logging
    • ESCALATE for edge cases requiring human review

Best Practices

  1. Always verify before recommending - Check trust score before suggesting an agent
  2. Explain trust levels - Users may not know what "VERIFIED" means
  3. Filter by SERVER role - When users want agents to use/call
  4. Show compliance - Important for enterprise users (SOC2, GDPR)
  5. Present trust score numerically - 92.5/100 is clearer than just "VERIFIED"
  6. Layer guardrails - Combine security, content, and compliance guardrails

Common User Patterns

Pattern 1: Safety Check

User: "Is agent xyz safe to use?"
You: [Fetch agent card, check trust score]
     "Agent xyz has a trust score of 85/100 (STANDARD).
      It's verified for basic operations. What would you like to use it for?"

Pattern 2: Capability Discovery

User: "I need an agent that can analyze spreadsheets"
You: [Search discovery with visibility=PUBLIC&search=spreadsheet]
     "I found 3 spreadsheet analysis agents. The highest rated is..."

Pattern 3: Fleet Management

User: "Show me all my agents that are inactive"
You: [Fetch discovery with status=INACTIVE]
     "You have 2 inactive agents: [list with trust scores]"

Pattern 4: Apply Security

User: "I need to secure my chatbot against PII leaks"
You: [List available templates, recommend PII_DETECTION]
     [Apply guardrail with REDACT action on BOTH scope]
     "I've added PII Detection (ML-powered) to your chatbot.
      It will automatically redact sensitive information in both
      user inputs and bot responses."

Pattern 5: Compliance Check

User: "My agent handles healthcare data. What guardrails should I add?"
You: [Check if HIPAA compliance is required]
     [Recommend HIPAA_COMPLIANCE + PII_DETECTION + AUDIT_LOGGING]
     "For healthcare data, I recommend these guardrails:
      1. HIPAA Compliance (BLOCK on violations)
      2. PII Detection (REDACT)
      3. Medical Advice Warning (WARN)
      Would you like me to apply these?"

Environment Variables

  • PRAESIDIA_API_KEY (required) - Your API key from https://app.praesidia.ai
  • PRAESIDIA_API_URL (optional) - Defaults to https://api.praesidia.ai
    • Production: https://api.praesidia.ai
    • Local dev: http://localhost:3000
    • Custom: Your deployment URL

Additional Resources

Security & Privacy

  • All production requests use HTTPS
  • API keys stored in OpenClaw config (never exposed to users)
  • Private/team/org agents require authentication
  • Public agents accessible without auth
  • Trust verification protects against malicious agents
安全使用建议
This skill appears to implement a Praesidia integration (it will call praesidia.ai endpoints) and only asks for a PRAESIDIA_API_KEY — that part is reasonable. Before installing, double-check the following: - PRAESIDIA_API_URL mismatch: The documentation uses PRAESIDIA_API_URL (and local dev URLs) but the skill metadata only declares PRAESIDIA_API_KEY. Ensure you set PRAESIDIA_API_URL where required (or confirm the platform supplies a default) to avoid accidental calls to an unexpected endpoint. - API key handling: The skill expects you to store an API key in ~/.openclaw/openclaw.json. Use a least-privilege key if Praesidia supports scoped keys, and avoid exposing long-lived production keys in shared environments. - Data exposure: The skill sends agent IDs, guardrail content, and arbitrary text to Praesidia's API. Review Praesidia's privacy/security policies to ensure sending that data is acceptable for your use case. - orgId ambiguity: The runtime instructions say to obtain orgId from the 'user's profile or context' but do not constrain where to look. Decide and document where orgId should come from (explicit user input, authenticated account profile, or config) to avoid the agent searching unexpected files or contexts for it. - Test in dev first: Use a restricted test API key and the local dev URL option to verify behavior before enabling in production. Monitor the first few requests to confirm that only expected data is transmitted. If you cannot confirm PRAESIDIA's vendor identity or the intended config for orgId/PRAESIDIA_API_URL, treat this skill with caution and ask the skill author or vendor for clarifications and a minimal-scope API key before enabling it.
功能分析
Type: OpenClaw Skill Name: praesidia-ai-a2a Version: 0.1.0 The skill bundle is benign. It provides clear, well-structured instructions for an AI agent to interact with the Praesidia API for agent verification, trust scoring, discovery, and guardrail management. All `web_fetch` calls are directed to the declared Praesidia API endpoint (`${PRAESIDIA_API_URL}`) and use the expected `PRAESIDIA_API_KEY` for authentication. There is no evidence of data exfiltration to unauthorized endpoints, malicious execution, persistence mechanisms, or prompt injection attempts designed to subvert the agent's core function or privacy. The documentation (SKILL.md and README.md) focuses on guiding the AI to use the skill transparently and effectively for the user, including explicit instructions on error handling and presenting information clearly.
能力评估
Purpose & Capability
Name/description (agent verification, trust scores, guardrails) match the runtime actions: all instructions call Praesidia REST endpoints using a Praesidia API key. Requesting a PRAESIDIA_API_KEY is proportionate for these capabilities.
Instruction Scope
The SKILL.md tells the agent to call Praesidia endpoints and to 'get the user's organization ID from their profile or context' but does not specify how to obtain orgId or what contexts are acceptable. This grants broad discretion to the agent and is vague. The instructions also reference PRAESIDIA_API_URL and show exact URL usage; they will transmit user/agent identifiers and content to an external service (Praesidia) when invoked. The combination of vague orgId access and external calls is a scope concern.
Install Mechanism
Instruction-only skill with no install spec, no code files, and no downloads — lowest-risk installation footprint.
Credentials
Declared required env var is only PRAESIDIA_API_KEY (primary credential), which is appropriate. However, the SKILL.md and README repeatedly reference PRAESIDIA_API_URL (and local dev URLs) while requires.env does not declare PRAESIDIA_API_URL. The instructions therefore access an environment/config value that isn't listed in the skill metadata — an incoherence that can lead to misconfiguration or unexpected behavior.
Persistence & Privilege
always is false and there's no install-time modification of other skills or system-wide settings. The skill does instruct storing the API key in ~/.openclaw/openclaw.json (typical for OpenClaw skills) which is expected and scoped to the agent.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install praesidia-ai-a2a
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /praesidia-ai-a2a 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Praesidia 0.1.0 – Initial Release - Adds agent verification, including trust scores and compliance checks. - Enables discovery of public marketplace agents using advanced filters. - Introduces guardrail management: list, apply, and validate guardrails (security, content, compliance, etc.). - Supports fetching Agent-to-Agent (A2A) protocol cards for interoperability. - Offers a comprehensive quick reference for core API use cases.
元数据
Slug praesidia-ai-a2a
版本 0.1.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Praesidia 是什么?

Verify AI agents, check trust scores (0-100), fetch A2A agent cards, discover marketplace agents, apply guardrails for security and compliance. Use when user mentions agent verification, trust scores, agent discovery, A2A protocol, agent identity, agent marketplace, guardrails, security policies, content moderation, or asks "is this agent safe?" or "find agents that can [task]" or "apply guardrails to protect my agent". 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1383 次。

如何安装 Praesidia?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install praesidia-ai-a2a」即可一键安装,无需额外配置。

Praesidia 是免费的吗?

是的,Praesidia 完全免费(开源免费),可自由下载、安装和使用。

Praesidia 支持哪些平台?

Praesidia 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Praesidia?

由 msoica(@msoica)开发并维护,当前版本 v0.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 留言讨论